| 1 |
//---PACKAGE DECLARATION--- |
| 2 |
package uk.org.iscream.cms.server.filter.plugins; |
| 3 |
|
| 4 |
//---IMPORTS--- |
| 5 |
import uk.org.iscream.cms.server.filter.PluginFilter; |
| 6 |
import uk.org.iscream.cms.server.filter.*; |
| 7 |
import uk.org.iscream.cms.server.core.*; |
| 8 |
import uk.org.iscream.cms.server.util.*; |
| 9 |
import uk.org.iscream.cms.server.componentmanager.*; |
| 10 |
|
| 11 |
/** |
| 12 |
* This plugin is designed to check the source of incoming |
| 13 |
* packets, and ensure the source machine is permitted to |
| 14 |
* send packets through the system. |
| 15 |
* |
| 16 |
* @author $Author: tdb $ |
| 17 |
* @version $Id: SourceChecker__Plugin.java,v 1.1 2002/03/20 16:32:37 tdb Exp $ |
| 18 |
*/ |
| 19 |
public class SourceChecker__Plugin implements PluginFilter { |
| 20 |
|
| 21 |
//---FINAL ATTRIBUTES--- |
| 22 |
|
| 23 |
/** |
| 24 |
* The current CVS revision of this class |
| 25 |
*/ |
| 26 |
public final String REVISION = "$Revision: 1.1 $"; |
| 27 |
|
| 28 |
public final String DESC = "Checks the machine_name attribute in the packet attributes. This must machine must be permitted by the ACL to allow the packet through."; |
| 29 |
|
| 30 |
//---STATIC METHODS--- |
| 31 |
|
| 32 |
//---CONSTRUCTORS--- |
| 33 |
|
| 34 |
public SourceChecker__Plugin() { |
| 35 |
// setup an empty ACL defaulting to ALLOW |
| 36 |
_acl = new ACL(ACL.ALLOW); |
| 37 |
} |
| 38 |
|
| 39 |
//---PUBLIC METHODS--- |
| 40 |
|
| 41 |
// apply the filter and return true if successful. |
| 42 |
public boolean runFilter(XMLPacket packet){ |
| 43 |
String newStringACL; |
| 44 |
// get hold of the ACL in the configuration |
| 45 |
try { |
| 46 |
newStringACL = ConfigurationProxy.getInstance().getProperty("Filter." + FilterMain.NAME, "Filter.SourceCheckerPluginACL"); |
| 47 |
} |
| 48 |
catch(PropertyNotFoundException e) { |
| 49 |
// if we can't find it, we'll just use a null ACL |
| 50 |
newStringACL = ""; |
| 51 |
_logger.write(toString(), Logger.WARNING, "No ACL found for SourceChecker__Plugin, using empty ACL instead : " + e); |
| 52 |
} |
| 53 |
// check to see if the ACL has changed |
| 54 |
if(!newStringACL.equals(_stringACL)) { |
| 55 |
_logger.write(toString(), Logger.SYSMSG, "Reloading Access Control List"); |
| 56 |
// clear the ACL |
| 57 |
_acl.clear(); |
| 58 |
// set the default to something sane |
| 59 |
_acl.setDefaultMode(ACL.ALLOW); |
| 60 |
// add the new ACL (this may change the default) |
| 61 |
_acl.add(newStringACL); |
| 62 |
_stringACL = newStringACL; |
| 63 |
} |
| 64 |
|
| 65 |
// only want to check data or heartbeat packets |
| 66 |
// any others will probably get filtered out further up the filter chain |
| 67 |
if(packet.getParam("packet.attributes.type").equals("data") || |
| 68 |
packet.getParam("packet.attributes.type").equals("heartbeat")) { |
| 69 |
// check the machine name against the ACL |
| 70 |
// we could check the IP too... but it's a lot of work for _every_ packet... maybe... |
| 71 |
return _acl.check(packet.getParam("packet.attributes.machine_name")); |
| 72 |
} |
| 73 |
|
| 74 |
// a good catchall, I guess |
| 75 |
// it's not a data or heartbeat packet, in which case it should go through |
| 76 |
return true; |
| 77 |
} |
| 78 |
|
| 79 |
/** |
| 80 |
* Overrides the {@link java.lang.Object#toString() Object.toString()} |
| 81 |
* method to provide clean logging (every class should have this). |
| 82 |
* |
| 83 |
* This uses the uk.org.iscream.cms.server.util.NameFormat class |
| 84 |
* to format the toString() |
| 85 |
* |
| 86 |
* @return the name of this class and its CVS revision |
| 87 |
*/ |
| 88 |
public String toString() { |
| 89 |
return FormatName.getName( |
| 90 |
_name, |
| 91 |
getClass().getName(), |
| 92 |
REVISION); |
| 93 |
} |
| 94 |
|
| 95 |
/** |
| 96 |
* return the String representation of what the filter does |
| 97 |
*/ |
| 98 |
public String getDescription(){ |
| 99 |
return DESC; |
| 100 |
} |
| 101 |
|
| 102 |
//---PRIVATE METHODS--- |
| 103 |
|
| 104 |
//---ACCESSOR/MUTATOR METHODS--- |
| 105 |
|
| 106 |
//---ATTRIBUTES--- |
| 107 |
|
| 108 |
/** |
| 109 |
* This is the friendly identifier of the |
| 110 |
* component this class is running in. |
| 111 |
* eg, a Filter may be called "filter1", |
| 112 |
* If this class does not have an owning |
| 113 |
* component, a name from the configuration |
| 114 |
* can be placed here. This name could also |
| 115 |
* be changed to null for utility classes. |
| 116 |
*/ |
| 117 |
private String _name = FilterMain.NAME; |
| 118 |
|
| 119 |
/** |
| 120 |
* This holds a reference to the |
| 121 |
* system logger that is being used. |
| 122 |
*/ |
| 123 |
private Logger _logger = ReferenceManager.getInstance().getLogger(); |
| 124 |
|
| 125 |
/** |
| 126 |
* This holds the ACL for the plugin. |
| 127 |
*/ |
| 128 |
private ACL _acl; |
| 129 |
|
| 130 |
/** |
| 131 |
* The current String representation of our ACL. |
| 132 |
*/ |
| 133 |
private String _stringACL = ""; |
| 134 |
|
| 135 |
//---STATIC ATTRIBUTES--- |
| 136 |
|
| 137 |
} |
